Symmetric vs. asymmetric algorithms

Every
encryption/decryption algorithm needs a key for encryption and a key
for decryption.

When
these two keys are same, the algorithm is called symmetric.

When
these two are different, the algorithm is called asymmetric.

Symmetric
algorithms are lightweight i.e. they do not consume too much
computation power but they have the disadvantage that the single key
needs to be kept very secure. If the key leaks to a third party,
anybody can encrypt/decrypt and hence easily become
man-in-the-middle.

When
signing a message before giving to the general public, the encryption
key is kept secret. Decryption key is public so that a successful
decryption proves the authenticity of the sender.

When
receiving messages securely from the public, the decryption key is
kept secret. So anyone can encrypt messages but only the owner of
decryption key can read them. Some well-known asymmetric algorithms
are RSA, DSA and ELGAMAL.

Clearly
with symmetric keys, every pair of users would need to have their own
shared secret key whereas in asymmetric keys, only one user needs to
have one key secret to establish his own identity, rest all can use
the corresponding public key to establish that the message is from a
particular individual.

Since
asymmetric algorithms are much slower than symmetric ones, a
combination of both is used usually. After successful authentication
using asymmetric keys, one or more symmetric keys are generated and
exchanged using the asymmetric encryption.

Like us on Facebook to remain in touch
with the latest in technology and tutorials!

Got a thought to share or found abug in the code? We'd love to hear from you: